<?
require_once('./lib/authentication.lib.php');
require_once('./lib/common.lib.php');

if (!$_SESSION["user"]) die("You have to be logged in");

?>

<HTML>
<HEAD><TITLE>Insert player</TITLE>
<SCRIPT TYPE="text/javascript" SRC="js/game.js"></SCRIPT>
<SCRIPT TYPE="text/javascript" SRC="js/insert_player.js"></SCRIPT>
<link rel="stylesheet" href="css/style.css" type="text/css">
</HEAD>

<BODY>

<?

if (isset($_GET["champ"]) and isset($_GET["team"]) and isset($_GET["team_name"]))
{
	$champ = mysql_escape_string($_GET["champ"]);
	$team = mysql_escape_string($_GET["team"]);
	$team_name = mysql_escape_string($_GET["team_name"]);
?>
	<H1>Insert player for team <?echo $team_name?></H1>
	<FORM ACTION="insert_player.php" METHOD="POST" NAME="existing">
	<INPUT TYPE="hidden" NAME="champ" VALUE="<?echo $champ?>">
	<INPUT TYPE="hidden" NAME="team" VALUE="<?echo $team?>">

	<DIV ID='player_info'></DIV>

	<SELECT NAME="player_id" onChange="show_player_info(this, document.getElementById('player_info'));">
<?

	$query = "SELECT id FROM Player, team_player WHERE team_player.player = Player.id AND team_player.team = '$team' AND team_player.champ = '$champ';";
	$result = mysql_query($query);
	$num = mysql_numrows($result);
	$ids = "''";
	for ($i = 0; $i < $num; $i++)
	{
		$id = mysql_result($result, $i, "id");
		$ids = "$ids, $id";
	}

	$query = "SELECT id, name, full_name FROM Player WHERE id NOT IN ($ids) ORDER BY name;";
	$result_player = mysql_query($query);
	$num_player = mysql_numrows($result_player);
	for ($i = 0; $i < $num_player; $i++)
	{
		$player_id = mysql_result($result_player, $i, "id");
		$player_name = mysql_result($result_player, $i, "name");
		$player_full = mysql_result($result_player, $i, "full_name");

		echo "<OPTION VALUE='$player_id'>$player_name - $player_full</OPTION>\n";
	}
?>
	</SELECT>
	<INPUT TYPE="submit" NAME="submit" value="Send">
	</FORM>

	<FORM ACTION="insert_player.php" METHOD="POST" NAME="new">
	<INPUT TYPE="hidden" NAME="champ" VALUE="<?echo $champ?>">
	<INPUT TYPE="hidden" NAME="team" VALUE="<?echo $team?>">
	<P>Name:
	<INPUT TYPE="text" NAME="name">
	<P>Full name:
	<INPUT TYPE="text" NAME="full_name">
	<P>Position:
	<SELECT NAME="position">
	<OPTION value="">--- Not set ---</OPTION>
<?
	$options = getEnumOptions("Player", "position");
	
	for ($i = 0; $i < count($options); $i++)
	{
		if ($options[$i] == $position) $selected = "selected";
		else $selected = "";
		echo "<OPTION $selected value='$options[$i]'>$options[$i]</OPTION>\n";
	}
?>
	</SELECT>
	<INPUT TYPE="submit" NAME="submit" value="Send">
<?
}
else if (isset($_POST["team"]) and isset($_POST["name"]))
{
	$champ = mysql_escape_string($_POST["champ"]);
	$team = mysql_escape_string($_POST["team"]);
	$name = mysql_escape_string($_POST["name"]);
	$full_name = mysql_escape_string($_POST["full_name"]);
	$position = mysql_escape_string($_POST["position"]);

	$query = "INSERT INTO Player VALUES ('', '$name', '$position', NULL, NULL, '$full_name')";
	mysql_query($query) or die("Could not insert player");

	$query = "SELECT LAST_INSERT_ID();";
	$result = mysql_query($query);
	$player_id = mysql_result($result, 0, 0);

	$query = "INSERT INTO team_player VALUES ('$team', '$player_id', '$champ')";
	mysql_query($query) or die("Could not insert player");
}
else if (isset($_POST["team"]) and isset($_POST["player_id"]))
{
	$champ = mysql_escape_string($_POST["champ"]);
	$team = mysql_escape_string($_POST["team"]);
	$player_id = mysql_escape_string($_POST["player_id"]);

	$query = "INSERT INTO team_player VALUES ('$team', '$player_id', '$champ')";
	mysql_query($query) or die("Could not insert player");

	$query = "SELECT name FROM Player WHERE id = '$player_id';";
	$result = mysql_query($query);
	$name = mysql_result($result, 0, "name");
}

if (isset($_POST["team"]))
{
?>

<SCRIPT>
<!--
player = new Array('<?echo $name?>', '<?echo $player_id?>', '<?echo $team?>');
if (window.opener.callback)
	window.opener.callback(player);
window.close();
-->
</SCRIPT>

<?
}
?>

</BODY>
</HTML>
